<?php
class admin
{
   var $adt_id;
   var $adt_username;
   var $adt_password;
   var $adt_fullname;
   var $adt_email;
   var $adt_phone;
   var $adt_date;
   var $adt_images;
   var $adt_type;
   var $adt_status;
   var $msg_err;
   var $logged;
   
   function __construct($adm_name = "",$pass = ""){
      $this->logged = 0;
      if($adm_name == '')
         if(isset($_COOKIE['adm_name'])) $adm_name = $_COOKIE['adm_name'];
      if($pass == ''){
         if(isset($_COOKIE['PHPSSID_a'])) $pass = $_COOKIE['PHPSSID_a'];
      }
      
      if($adm_name == '' || $pass == '') return;
      
      $str     = 'SELECT *
                     FROM administrator
                     WHERE (adt_username = "'. replaceMQ($adm_name) .'" OR adt_email = "'. replaceMQ($adm_name) .'") AND adt_password = "'. md5($pass) .'"';
      
      $db_sel  = new db_query($str);
      if($row = mysql_fetch_assoc($db_sel->result)){
         if($row['adt_status'] == 0){
            $this->msg_err = 'Tài khoản chưa được kích hoạt !';
         }else{
            $this->logged        = 1;
            $this->adt_id        = $row['adt_id'];
            $this->adt_username  = $row['adt_username'];
            $this->adt_password  = $pass;
            $this->adt_fullname  = $row['adt_fullname'];
            $this->adt_email     = $row['adt_email'];
            $this->adt_phone     = $row['adt_phone'];
            $this->adt_date      = $row['adt_phone'];
            $this->adt_images    = $row['adt_images'];
            $this->adt_type      = $row['adt_type'];
            $this->adt_status    = $row['adt_status'];
            $this->msg_err       = '';
         }
      }else{
         $this->msg_err = 'Tài khoản hoặc mật khẩu không đúng !';
      }
   }
   
   /* Thêm mới admin */
   static function add($adt_username, $adt_password, $adt_fullname, $adt_email = '',
       $adt_phone = '', $adt_images = '', $adt_type = 0, $adt_status = 0)
   {
       if ($adt_username == '')
       {
           echo 'Login name rỗng';
           return;
       }
       if ($adt_password == '')
       {
           echo 'Mật khẩu rỗng';
           return;
       }
       $sql = '
         INSERT INTO administrator(
            `adt_username`,
            `adt_password`,
            `adt_fullname`,
            `adt_email`,
            `adt_phone`,
            `adt_date`,
            `adt_images`,
            `adt_type`,
            `adt_status`
         )
         VALUES(
            "' . $adt_username . '",
            "' . md5($adt_password) . '",
            "' . $adt_fullname . '",
            "' . $adt_email . '",
            "' . $adt_phone . '",
            ' . time() . ',
            "' . $adt_images . '",
            ' . $adt_type . ',
            '. $adt_status .'
         )
      ';
      echo $sql;
       $db_ex = new db_execute($sql);
       unset($db_ex);
   }
   
   /* Sửa thông tin admin
      adt_id   :  id của admin
      data     :  key   => trường cần sửa
                  value => gía trị thay đổi
    */
   static function Edit($adt_id,$data){
      if(!is_array($data) || empty($data) || $adt_id <= 0) return;
      
      $str     = '';
      $i       = 0;
      foreach($data as $key => $value){
         $i++;
         if($i == 1){
            $str .= $key . ' = ' . '\''. $value .'\'';
         }else{
            $str .= ',' . $key . ' = ' . '\''. $value .'\''; 
         }
      }
      $sql        = '
         UPDATE administrator
         SET
            ' . $str . '
         WHERE
            adt_id = ' . $adt_id;
         
      $db_ex      = new db_execute($sql);
      unset($db_ex);
   }

   /* Xóa admin */
   static function Delete($adt_id){
      if($adt_id <= 0) return;
      $db_ex = new db_execute('
                        DELETE FROM administrator
                        WHERE adt_id = ' . (int)$adt_id);
      unset($db_ex);
   }
   /* Deactive admin */
   static function Block($adt_id){
      if($adt_id <= 0) return;
      $db_ex = new db_execute('
                        UPDATE administrator
                        SET
                           adt_status = 0
                        WHERE
                           adt_id = ' . (int)$adt_id);
      unset($db_ex);
   }
   /* active admin */
   static function Active($adt_id){
      if($adt_id <= 0) return;
      $db_ex = new db_execute('
                        UPDATE administrator
                        SET
                           adt_status = 1
                        WHERE
                           adt_id = ' . (int)$adt_id);
      unset($db_ex);
   }
   
   /* Set cookie */
   function set_cookie($time = 0){
      if($this->logged == 1){
         if($time > 0){
            setcookie('adm_name',$this->adt_username,(time() + $time),'/');
            setcookie('PHPSSID_a',$this->adt_password,(time() + $time),'/');
         }else{
            setcookie('adm_name',$this->adt_username,null,'/');
            setcookie('PHPSSID_a',$this->adt_password,null,'/');
         }
      }else{
         return false;
      }
   }
   
   /* Logout */
  	function logout(){
		setcookie("adm_name"," ",null,"/");
		setcookie("PHPSSID_a"," ",null,"/");
      
		$_COOKIE["adm_name"] = "";
		$_COOKIE["PHPSSID_a"] = "";
		$this->logged = 0;
	}
   
   /*
	change password : Sau khi change password phải dùng hàm save cookie. Su dung trong truong hop Change Profile
	*/
	function change_password($old_password,$new_password){
		//replace quote if gpc_magic_quote = on
		$old_password = str_replace("\'","'",$old_password);
		$new_password = str_replace("\'","'",$new_password);

		//chua login -> fail
		if ($this->logged != 1) return 0;
		//old password ko đúng -> fail
		if (md5($old_password)!=$this->adt_password) return 0;

		//change password
		$db_update = new db_execute("UPDATE administrator
            									 SET adt_password = '" . md5($new_password). "'
            									 WHERE  	adt_id = " . intval($this->adt_id));
		//reset password
		$this->adt_password = md5($new_password);
		  setcookie("PHPSSID_a",$this->use_password,null,"/");
		return 1;
	}
   
   /* Check quyền admin với module xác định*/
   function check_access_module($module_id){
      if($this->logged != 1 || $module_id <= 0) return false;
      $array_result     = array( 'edit'   => 0,
                                 'remove' => 0,
                                 'add'    => 0,
                                 'view'   => 0);
      $db_sel           = new db_query('SELECT *
                                             FROM admin_moduol
                                             WHERE add_adt_id = ' . (int)$this->adt_id . ' AND add_mod_id = ' . (int)$module_id);
      if($row = mysql_fetch_assoc($db_sel->result)){
         $array_result     = array( 'edit'   => $row['add_edit'],
                                    'remove' => $row['add_remove'],
                                    'add'    => $row['add_add'],
                                    'view'   => $row['add_view']);
      }
      
      return $array_result;
   }
   
   /* Check quyền admin */
   function check_access(){
      if($this->logged != 1) return false;
      $array_return     = array();
      $db_sel           = new db_query('SELECT mod_id, mod_name, add_edit, add_remove, add_add, add_view
                                             FROM moduols
                                             LEFT JOIN (SELECT *
                                                            FROM admin_moduol
                                                            WHERE add_adt_id = ' . (int)$this->adt_id . ')
                                                            as t1
                                             ON t1.add_mod_id = moduols.mod_id');
      while($row = mysql_fetch_assoc($db_sel->result)){
         $array_return[$row['mod_id']] = array( 'mod_id'       => $row['mod_id'],
                                                'mod_name'     => $row['mod_name'],
                                                'edit'         => (isset($row['add_edit'])) ? $row['add_edit'] : 0,
                                                'remove'       => (isset($row['add_remove'])) ? $row['add_remove'] : 0,
                                                'add'          => (isset($row['add_add'])) ? $row['add_add'] : 0,
                                                'view'         => (isset($row['add_view'])) ? $row['add_view'] : 0);
      }
      
      
      return $array_return;
   }
   
   /* Login */   
   static function Login($login_name,$pass){
      $array   = array();
      $admin   = new admin($login_name,$pass);
      if($admin->logged != 1){
         $array   = array( 'msg'    => $admin->msg_err,
                           'status' => 0);
      }else{
         $array   = array( 'msg'    => 'Đăng nhập thành công',
                           'status' => 1);
         $admin->set_cookie();
      }
      
      return $array;
   }
   
}

?>